On 03/12/2018 04:30 PM, Pierre Labastie wrote:
On 12/03/2018 22:19, Pierre Labastie wrote:
In order to move to the Maven build system, I tried to rebuild an OpenJDK JVM
in a fresh LFS sytem (in a VM). There are a few problems:
- The jtreg file is updated every few days on the ci.adoptjk.net site. Result:
the MD5sum in the book is obsolete. I suggest removing the MD5sum, there is
no real security threat in a testsuite, is there?
I was not aware of that. There can be a security threat in any code.
Bruce also had a suggestion that we host it. I'm good either way, but
lean toward his suggestion.
- We pass "--with-cacerts-file=/etc/ssl/java/cacerts.jks" to configure, but if
this is the first build of OpenJDK, it is perfectly possible that this file
does not exist, and then the build fails. I would suggest to build it just
after the Java binary installation.
It shouldn't be possible. The expected environment contains the file as
it is part of configuring the binary install. However, I admit that the
instructions being split across multiple pages is confusing. Your next
suggestion works well. Sledgehammer to drive a tack, but I'm good with
- When running /usr/sbin/make-ca --force at the end, there is no reason that
the certdata.txt file be in the current directory. I would suggest to add
the -g option to the command.
- Not tried yet but the last instructions should be
"bin/keytool -list -keystore /opt/jdk/lib/security/cacerts" (in order to
check that the JVM install is OK). And if we want to test the one in /etc,
it should be "bin/keytool -list -keystore /etc/ssl/java/cacerts.jks" (.jks
added at the end).
Ugh, my bad. I missed it when I flipped it.
Actually, the real test is "bin/keytool -list -cacerts"
After the symlink is in place. Even with the switch, it still installs
an empty cacerts file, but the configure switch is used during the
May I do that?
Unsubscribe: See the above information page